Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
File: LKyEzuxXs1-jlTSuIwCa6oICOao.mft (raw, json)
Hash identifier: grh1GBha7mJ6VU4sy1qNMmOp1w7slxrkfIB0I05bqJM=
Subject key identifier: 43:D2:72:1A:FF:97:6A:AB:EF:34:A5:74:56:65:D6:C8:D9:B0:5C:BD
Authority key identifier: 2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
Certificate issuer: /CN=2cac84ceec57b35fa39534ae23009aea820239aa
Certificate serial: 019CAA8F8A777B2F77371E1F49DEF79E9028
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
Manifest number: 0A6C
Signing time: Sun 01 Mar 2026 18:00:59 +0000
Manifest this update: Sun 01 Mar 2026 18:00:59 +0000
Manifest next update: Mon 02 Mar 2026 18:00:59 +0000
Files and hashes: 1: Aqd9W6cfpHLafzRO-ayl_GNgqe0.roa (hash: F2Adog2BirH6Gouzr8SZxmAWeuEuTARSmlF0Zm/Q4fY=)
2: LKyEzuxXs1-jlTSuIwCa6oICOao.crl (hash: 7kD8ZuAkDP8OxBX4OENUnd2USk3m9SIKfm8DOFfXgrs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:8a:77:7b:2f:77:37:1e:1f:49:de:f7:9e:90:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cac84ceec57b35fa39534ae23009aea820239aa
Validity
Not Before: Mar 1 18:00:59 2026 GMT
Not After : Mar 2 18:00:59 2026 GMT
Subject: CN=43d2721aff976aabef34a5745665d6c8d9b05cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:e3:5e:9a:0e:aa:24:be:2c:a2:12:39:50:
f9:2c:b1:00:06:0b:12:d4:a9:23:33:50:f3:d5:ea:
fe:b4:3d:1f:3c:13:11:81:80:d0:5e:22:5b:55:81:
38:d4:ef:0a:5c:9c:70:c6:87:51:fc:e3:b9:d5:40:
87:26:28:d9:de:0b:ca:6f:86:32:48:b6:77:a7:a2:
6e:79:71:1d:b4:45:fa:f0:50:5b:3d:a4:5f:eb:af:
22:6b:79:ef:af:1b:22:d8:59:ed:e9:14:31:8d:32:
ff:90:d4:f7:d9:c1:68:4a:60:6a:84:2a:1e:62:55:
1e:82:ac:dd:e3:f8:43:89:39:84:37:3e:b4:c9:ce:
ab:4a:64:08:23:82:8f:5c:15:40:82:28:5d:ca:82:
06:03:20:b6:3b:18:63:0f:6a:0e:60:9c:de:01:43:
49:28:f4:84:f6:da:36:4f:34:9d:63:94:ae:2d:d6:
1e:57:41:d5:50:12:43:cc:59:4f:4d:f6:59:61:c9:
02:b7:36:bf:2d:36:d3:f1:88:cf:cc:04:95:26:b6:
02:2d:7b:91:d6:d0:08:14:54:cd:5d:9d:c0:13:ef:
2d:7b:c8:81:7b:ce:a5:e5:b4:89:8f:6b:0e:be:49:
34:8f:62:22:b8:16:25:5f:68:c4:ac:bb:fb:9f:40:
a0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D2:72:1A:FF:97:6A:AB:EF:34:A5:74:56:65:D6:C8:D9:B0:5C:BD
X509v3 Authority Key Identifier:
keyid:2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:44:68:50:9e:97:78:8c:79:7a:d5:86:d2:4b:d8:11:ba:7e:
7b:9b:2e:a0:e9:70:aa:1d:0c:b5:2d:ad:81:32:cd:20:c0:b6:
bf:bc:e8:5e:20:32:34:3f:b0:fb:ed:da:d3:9c:52:89:a6:ab:
74:d1:59:f8:fd:27:df:48:b6:1d:03:ba:06:fa:3a:3b:70:dc:
68:ce:1d:cd:c1:53:a1:10:69:c1:a4:1b:26:70:d8:ae:02:3f:
ac:01:89:ba:19:ef:96:04:5a:5f:2e:9e:b5:16:67:5e:ad:0b:
96:f7:7b:70:31:b7:58:6b:e5:ed:ef:d1:03:f1:7a:12:cc:e9:
6f:06:bf:59:a2:3f:95:d6:ae:18:a8:a7:3e:bf:59:fe:eb:49:
87:9e:a6:05:da:d5:95:96:96:a2:5a:0e:e6:e5:c5:45:ee:bf:
1f:e6:a1:6b:2b:25:df:65:c5:90:69:c0:97:ff:88:d6:0e:ca:
82:f4:4e:6e:79:ac:98:63:38:9a:22:34:06:b7:6b:dd:71:81:
7c:2e:03:e2:d7:1c:bf:a1:ed:c5:62:fa:c4:3e:a2:dd:60:15:
9d:d5:80:b3:4c:0c:d0:0b:c8:b8:c2:51:a8:cf:b5:f1:97:0f:
f6:87:89:cf:2a:3b:03:51:0b:33:b2:81:67:e9:c1:b5:55:ae:
b6:c8:f6:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj4p3ey93Nx4fSd73npAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWM4NGNlZWM1N2IzNWZhMzk1MzRhZTIzMDA5YWVhODIw
MjM5YWEwHhcNMjYwMzAxMTgwMDU5WhcNMjYwMzAyMTgwMDU5WjAzMTEwLwYDVQQD
Eyg0M2QyNzIxYWZmOTc2YWFiZWYzNGE1NzQ1NjY1ZDZjOGQ5YjA1Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3jjXpoOqiS+LKISOVD5LLEABgsS
1KkjM1Dz1er+tD0fPBMRgYDQXiJbVYE41O8KXJxwxodR/OO51UCHJijZ3gvKb4Yy
SLZ3p6JueXEdtEX68FBbPaRf668ia3nvrxsi2Fnt6RQxjTL/kNT32cFoSmBqhCoe
YlUegqzd4/hDiTmENz60yc6rSmQII4KPXBVAgihdyoIGAyC2OxhjD2oOYJzeAUNJ
KPSE9to2TzSdY5SuLdYeV0HVUBJDzFlPTfZZYckCtza/LTbT8YjPzASVJrYCLXuR
1tAIFFTNXZ3AE+8te8iBe86l5bSJj2sOvkk0j2IiuBYlX2jErLv7n0CgNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPSchr/l2qr7zSldFZl1sjZsFy9MB8GA1UdIwQY
MBaAFCyshM7sV7Nfo5U0riMAmuqCAjmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYt
ZWRlNzBjOGVkNTEzLzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYtZWRlNzBjOGVkNTEz
LzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEERoUJ6X
eIx5etWG0kvYEbp+e5suoOlwqh0MtS2tgTLNIMC2v7zoXiAyND+w++3a05xSiaar
dNFZ+P0n30i2HQO6Bvo6O3DcaM4dzcFToRBpwaQbJnDYrgI/rAGJuhnvlgRaXy6e
tRZnXq0Llvd7cDG3WGvl7e/RA/F6Eszpbwa/WaI/ldauGKinPr9Z/utJh56mBdrV
lZaWoloO5uXFRe6/H+ahaysl32XFkGnAl/+I1g7KgvRObnmsmGM4miI0Brdr3XGB
fC4D4tccv6HtxWL6xD6i3WAVndWAs0wM0AvIuMJRqM+18ZcP9oeJzyo7A1ELM7KB
Z+nBtVWutsj2Sw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:45:11 2026 by rpki-client